Skip to main content

Privacy Policy and Notice at Collection for California Residents

Effective Date: 01/01/2026

Introduction

This CCPA Privacy Policy and Notice at Collection for California Residents (the “Privacy Policy”) applies to the processing of information by Amica Mutual Insurance Company (and its subsidiaries and affiliates, collectively referred to as “Amica”, “we”, “our”, and “us”) with respect to personal information of California residents to the extent the information is subject to the California Consumer Privacy Act of 2018 as amended, including by the California Privacy Rights Act of 2020, and any applicable regulations (“CCPA”). For example, this Privacy Policy does not apply to personal information collected pursuant to various ‎‎exemptions ‎including for (i) information collected subject to the federal Gramm-Leach-Bliley Act and its implementing regulations, (ii) ‎‎medical and health information covered by HIPAA, and (iii) de-‎identified or publicly available ‎‎information.‎

Personal Information We Collect, Use, Disclose, Share, or Sell

Categories of Personal Information We Collect, Categories of Sources of Personal ‎Information, Business or Commercial Purposes for Which Personal Information Will Be ‎Used, and Third Parties with Whom Personal Information is Sold, Shared, or Disclosed.‎

We collect information that identifies, relates to, describes, is reasonably capable of being ‎associated with, or could reasonably be linked, directly or indirectly, with a particular consumer ‎or household (“personal information”). The chart below includes information collected for ‎various types of individuals, such as our customers, employees, and others including independent contractors.  As a result, not all of ‎the categories of collected personal information described below may be applicable to you. ‎Within the last twelve (12) months and on an ongoing basis, we have collected and disclosed, and may collect and disclose, the following categories of personal ‎information as further described below.

Category of Personal Information Collected

Identifiers

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Personal information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. Note: Some personal information included in this category may overlap with other categories.

Protected classification characteristics under California or federal law

Age (40 years or older), race, color, ancestry, national origin (including language use and possession of a driver’s license issued to persons unable to provide their presence in the United State is authorized under federal law), citizenship, religion or creed, marital status, medical condition, physical or mental disability (including HIV/AIDS status, cancer diagnosis, and genetic characteristics), sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Commercial information

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Biometric information

Physiological, biological, or behavioral, characteristics (including DNA) that can be used to establish individual identity, or imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health or exercise data that contain identifying information.

Internet or other electronic network activity

Browsing history, search history, information on a consumer's interaction with an internet website, application, or advertisement.

Geolocation data

Physical location or movements.

Sensory data

Audio, electronic, visual, thermal, olfactory, or similar information.

Professional or employment-related information

Current or past job history or performance evaluations.

Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g, 34 C.F.R. Part 99))

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Inferences drawn from other personal information to create a profile about a consumer

Profile reflecting a consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Sensitive Personal Information

Social Security number, driver’s license number, state identification number, or passport number;  account log-in financial account, debit card, or credit card number in combination with any required security access code, password, or credentials allowing access to the account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; contents of mail, email or text messages unless Amica is the intended recipient of the communication; or genetic information. 

Information about our Personal Information Processing Activities

We use personal information for the performance of our services, and for our business operations or human resource functions. For example, we use personal information to support and improve our website, products and services; manage human resources and benefits for our employees; evaluate job applicants’ suitability for a job opening; make decisions about promotion and determinations about seniority of employees; and evaluate employees and their performance.

We collect personal information from the following sources: from you and from others including financial services companies that we work with; third party claims handlers who are involved in a claim or assist us in investigating or processing claims, including witnesses and external claims data collectors and verifiers; our business partners with whom we work to provide insurance products and services, public sources, such as public databases (where permitted by law); from our affiliates; from data brokers; insurance brokers or other intermediaries; third party evidence providers; healthcare service providers; financial institutions; and individuals that you may be associated with (e.g., employees or directors, family members, etc.)

We disclose all categories of personal information to our service providers; other third parties with which you or we maintain a relationship regarding your service or products; government agencies, including to support legal and regulatory requirements; and our affiliates.

Personal information is retained based on internal retention policies, which typically require retention for a period of no longer than seven years, unless extending the retention period is required or permitted by law for regulatory, compliance or legal purposes or subject to an exception in our retention policy. The retention period may vary depending on why Personal information was collected or used, the type of Personal information, product type and service. We use the following standards to determine the applicable retention periods: the time required to retain Personal information to fulfill business purposes, including providing products and services; maintaining corresponding transactions and business records; controlling and improving the performance and quality of the website; handling possible inquiries, market conduct examinations, or complaints; and whether any laws, regulations and contracts have requirements for data retention. Information is segregated by legal retention requirements and maintained in accordance with various local, state, federal, and other legal requirements.

We may sell consumers’ personal information.

We may disclose personal information to other service providers and third parties that assist us with cross-context behavioral advertising.  In this context, we sell and share, including in the past twelve (12) months, the following categories of personal information to providers of marketing, third-party data analysis, website hosting, and technology consulting services: identifiers; commercial information; internet or other electronic network activity; geolocation data (general, non-precise location information); and inferences drawn from other personal information to create a profile about a consumer. For purposes of marketing and data analytics, we or third-party online advertising and analytics companies may use tools and services to gather, analyze, and store information about users, including for statistical purposes, reporting, attribution, analytics, market research, interest-based advertising, ad delivery and other purposes described in our Online Privacy Policy: https://www.amica.com/en/privacy-security/website-privacy-policy.html. These cookies, web beacons, and similar technologies are used to help analyze how you use online services or to collect or receive information from our websites and elsewhere on the Internet and use that information to provide measurement services and target ads. Cookies are small text files that are placed on your browser that can be used to identify you across web pages and sessions. Web beacons are small pieces of code that can communicate information about your device or browser to a server. Under the CCPA, these activities may constitute a “sale” if the personal information is exchanged for non-monetary consideration (anything of value), or “sharing” if the personal information is disclosed for cross context behavioral advertising purposes. You could restrict this sharing through your browser preferences. Please review our Online Privacy Policy for more information.

We do not sell or share (for purposes of cross-context behavioral advertising) the personal information of minors under 16 years of age.

We do not use or disclose Sensitive Personal Information for purposes other than the following:

  1.  To perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services.
  2. To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information,
  3. To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions.‎
  4. To ensure the physical safety of natural persons.
  5. For short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer’s current interaction with the business, provided that the personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business.
  6. To perform services on behalf of the business. ‎
  7. To verify or maintain the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by the business.
  8. To collect or process Sensitive Personal Information where such collection or processing is not for the purpose of inferring characteristics about a consumer. ‎

Your Privacy Rights

Submitting Consumer Requests

You may submit a consumer request to us through our contact us section below to make a consumer request. You may make up to two disclosure requests in any 12-month period.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

Making a verifiable consumer request does not require you to create an account with us.

When you submit a verifiable consumer request, we will take steps to verify your request ‎by email or telephone call. In some cases, we may request additional information in order to verify ‎your request or where necessary to process your request. If we are unable to adequately verify a ‎request, we will notify the requestor. Authorized agents will be required to provide proof of their ‎authorization and we may also require that the relevant consumer directly verify their identity and ‎the authority of the authorized agent.‎

We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Right to Know and Access Your Information

You have the right to request that we disclose to you certain descriptions and categories of the personal information we collect, use, disclose, share, or sell about you. For example, you may request the following through a consumer request:

  1. The categories of personal information we have collected about you.‎
  2. The categories of sources from which personal information is collected.‎
  3. The business or commercial purpose for collecting, selling, or sharing personal information.‎
  4. The categories of third parties to whom we disclose the personal information.‎
  5. The specific pieces of personal information we have collected about you.‎

You may make up to two disclosure requests in any 12-month period. See above for additional details on making a consumer request.

Right to Request Deletion

You have the right to request that we delete your personal information. See above for additional details about how to submit a consumer request.

You should be aware, however, that California law allows us to retain your personal information under certain conditions, even if you have asked us to delete it, such as when retaining your personal information is necessary for us to complete a transaction with you or provide you with a good or service you have requested.  We will notify you of any denial of your deletion request and the reason for such denial.

Right to Request Correction

You have the right to request that we correct your personal information. See above for additional details about how to submit a consumer request.

Right to Opt-Out of Sale and Sharing of Personal Information for Cross-Context Behavioral Advertising

You have the right to opt out of the sale and sharing of your personal information with third parties for the purpose of cross-context behavioral advertising. For example, when you visit our websites, we may use cookies and similar tools to make certain data available to third-party marketing and advertising partners who help us improve and deliver advertising.

You can opt out of this sharing by filling out and submitting the CCPA Do Not Sell or Share My Personal Information Opt-Out Form: https://www.amica.com/content/dam/amica/ccpa/ccpa-do-not-sell-share.pdf. You may also enable an opt-out preference signal on your web browser, such as the Global Privacy Control.  We apply such opt-out preference signals in accordance with the CCPA.

Right to Non-Retaliation for Exercise of Consumer Privacy Rights

We will not retaliate against you because you have chosen to exercise any of your privacy rights provided by the CCPA.

Using an Authorized Agent

You may use an authorized agent to submit a consumer request. To use an authorized agent, you will need to (i) provide written instruction to your agent, and verify your identity to us, or (ii) provide a power of attorney pursuant to California Probate Code Sections 4000 to 4465.

Contact Us

Please read this Policy carefully to understand our practices regarding how we process CCPA personal information. If you have any questions or comments about this notice, the ways in which we collect and use your information described here and in our Online Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Interactive Web Form: visit https://www.amica.com/en/privacy-security/ccpa.html to complete the form online, or print and complete the form and mail or email it to the address listed below.

Email:          CCPARequests@amica.com

Phone:         833-915-0020

Address:     Amica Mutual Insurance Company

                    Attn: Legal Department

                    P.O. Box 363

                    Lincoln, Rhode Island 02865